Read Ahead – Cover6 Workshops

Read Ahead | Cover6 Solutions Workshops

This guide prepares you for our #PentesterPrep & #SOCAnalystPrep
hands-on cybersecurity training.

First, we want to thank you for your interest in Cover6 Solutions. If you made it this far, that means you have most likely registered for one of our workshops. For that, we are forever grateful, and you will always be considered family to us.

This material summarizes the workshops, the hardware and software requirements, helpful videos, and education references to help you better understand the class content.

Use the tabs below to view the material for your desired workshop.

Workshop Read Ahead

The #SOCAnalystPrep workshop is the defensive equivalent of the #PentesterPrep workshop. It prepares you to work in a Security Operations Center (SOC) immediately upon completion. For this class, you will need the following tools installed:

We DO NOT teach Kali Linux in this workshop. However, you will see offensive techniques used by the instructor to simulate attacker activity.

We will provide you access to the following online servers, so be sure to bookmark the following URLs:

The #PentesterPrep Workshop will require Kali Linux (Kali).

Although the tools can be installed in similar operating systems, these instructions are meant for Kali Linux only.

Step 1. Install a hypervisor

The hypervisor or virtual machine monitor is a software package that allows you to create a virtual machine (VM) on your host device/laptop. Any new virtual machine you make will be considered a guest machine.

We recommend installing VirtualBox (Windows, OS X, Linux, or Solaris) or VMWare Fusion (Mac). For some reason, we’ve had several issues with students running VMWare Workstation. You can download a hypervisor from the following locations:

The installation process for both VirtualBox and any VMWare products is a straightforward “push-through” install. Unless you have a specific folder where you would like to save your virtual machines, you can accept all of the default options.

Keep in mind that each new VM will require processing power and memory from the host machine. Even with a minimum of 8 GB of RAM, a standard laptop could still fully power the two VMs needed to help you start. 

Step 2. Download and install or import Kali

Disclaimer: Kali Linux is an operating system for hackers built by hackers. Upon installing Kali, you will own hundreds of tools. Please be aware of the power of these tools! Improper use of these tools outside of a training environment could lead to severe damage (for anyone you target) and/or jail time (for you). 

You can use pre-configured virtual machines, or you can install Kali straight from a .iso file. Be sure to use the images from “Kali Linux VirtualBox Images” if you are using VirtualBox. You can find images and .iso files at the following locations:

For the .iso, we recommend that you use the Kali Linux 64-bit image. Also, be sure to select the right image for your hypervisor (VMWare or VirtualBox).

Step 3. Make the PostgreSQL service persistent

It is good to have the PostgreSQL service remain persistent (start on boot).

# sudo update-rc.d postgresql enable

Step 4. Change the default SSH keys (optional) 

To better protect your ssh sessions, we recommend that you change the default keys. You can first create a folder to hold a back up copy of your current keys and then move the current keys to the backup folder.

# sudo mkdir /etc/ssh/backup-keys
# sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup-keys

Now you can create a new set of ssh keys with the following command:

# sudo dpkg-reconfigure openssh-server

Step 5. Configure the Metasploit database

There are additional options to fine-tune and help secure your instance of Kali Linux. Online you can find some tips by searching for “Things to do after installing Kali Linux.” For now, we recommend that you have the Metasploit Database up and running in Kali. The database will help keep all of your scans, vulnerabilities, exploits, and identified credentials or passwords in one place.

A few services are required depending on what version of Kali you have. For older versions, you will need to start the PostgreSQL and Metasploit services. For newer versions, you will only need to start the PostgreSQL service.

Here are the commands needed to ensure your database is working with a fresh Kali Linux install.

# sudo systemctl start postgresql
# sudo msfdb init
# sudo msfconsole
msf > workspace

At this point, you should see a * Default workspace. If the default workspace appears after typing msfconsole and workspace, you are ready for the workshop!

The #AttackNDefend workshop is where we combine both the skills of a penetration tester (pentester) and a Security Operations Center (SOC) Analyst. For this class, you will need the following tools installed:

This Workshop will also require Kali Linux (Kali).

Although the tools can be installed in similar operating systems, these instructions are meant for Kali Linux only.

Step 1. Install a hypervisor

The hypervisor or virtual machine monitor is a software package that allows you to create a virtual machine (VM) on your host device/laptop. Any new virtual machine you make will be considered a guest machine.

We recommend installing VirtualBox (Windows, OS X, Linux, or Solaris) or VMWare Fusion (Mac). For some reason, we’ve had several issues with students running VMWare Workstation. You can download a hypervisor from the following locations:

The installation process for both VirtualBox and any VMWare products is a straightforward “push-through” install. Unless you have a specific folder where you would like to save your virtual machines, you can accept all of the default options.

Keep in mind that each new VM will require processing power and memory from the host machine. Even with a minimum of 8 GB of RAM, a standard laptop could still fully power the two VMs needed to help you start. 

Step 2. Download and install or import Kali

Disclaimer: Kali Linux is an operating system for hackers built by hackers. Upon installing Kali, you will own hundreds of tools. Please be aware of the power of these tools! Improper use of these tools outside of a training environment could lead to severe damage (for anyone you target) and/or jail time (for you). 

You can use pre-configured virtual machines, or you can install Kali straight from a .iso file. Be sure to use the images from “Kali Linux VirtualBox Images” if you are using VirtualBox. You can find images and .iso files at the following locations:

For the .iso, we recommend that you use the Kali Linux 64-bit image. Also, be sure to select the right image for your hypervisor (VMWare or VirtualBox).

Step 3. Make the PostgreSQL service persistent

It is good to have the PostgreSQL service remain persistent (start on boot).

# sudo update-rc.d postgresql enable

Step 4. Change the default SSH keys (optional) 

To better protect your ssh sessions, we recommend that you change the default keys. You can first create a folder to hold a back up copy of your current keys and then move the current keys to the backup folder.

# sudo mkdir /etc/ssh/backup-keys
# sudo mv /etc/ssh/ssh_host_* /etc/ssh/backup-keys

Now you can create a new set of ssh keys with the following command:

# sudo dpkg-reconfigure openssh-server

Step 5. Configure the Metasploit database

There are additional options to fine-tune and help secure your instance of Kali Linux. Online you can find some tips by searching for “Things to do after installing Kali Linux.” For now, we recommend that you have the Metasploit Database up and running in Kali. The database will help keep all of your scans, vulnerabilities, exploits, and identified credentials or passwords in one place.

A few services are required depending on what version of Kali you have. For older versions, you will need to start the PostgreSQL and Metasploit services. For newer versions, you will only need to start the PostgreSQL service.

Here are the commands needed to ensure your database is working with a fresh Kali Linux install.

# sudo systemctl start postgresql
# sudo msfdb init
# sudo msfconsole
msf > workspace

At this point, you should see a * Default workspace. If the default workspace appears after typing msfconsole and workspace, you are ready for the workshop!

Lastly, we will provide you access to the following online servers, so be sure to bookmark the following URLs:

Workshop Summaries

Through real-world, hands-on instruction, and with a focus on network defense, we provide a path to a successful career as a Security Operations Center (SOC) Analyst. #SOCAnalystPrep.

Ever wondered what it is like to be on the front line of defense in the Cybersecurity industry? If so, you may be interested in becoming a Security Operations Center (SOC) Analyst.

SOC Analysts are highly sought-after individuals who identify compromised machines and malicious actors. These individuals utilize defensive security skills and techniques that are commonly used in the industry while working to mitigate any damages that may have occurred.

In this training, participants will oversee a network that is currently under attack. Our students will learn various strategies to help defend against several attack scenarios. A few of the tools and technologies that participants will explore include; Security Onion, Wireshark, Splunk, and Nessus. As a participant, we highly recommended that you perform additional research and self-study to continue and maintain your established knowledge and toolkit.  

The provided content is listed below as a guide for the course and is subject to change. We appreciate your support and hope that you enjoy the training. We look forward to your participation and feedback, as well. 

If you have any additional questions outside of the FAQs, please do not hesitate to reach out to info@cover6solutions.com, and we will be happy to assist you.

Course Outline

The course covers the four primary exam objectives for the CompTIA CySA+ Certification:

  1. Threat Management
  2. Vulnerability Management
  3. Cyber Incident Response
  4. Security Architecture and Tool Sets 

Note: This is NOT an official CompTIA Training but preparation for real-world scenarios as a cybersecurity analyst and the Cybersecurity Analyst+ certification exam. Various tools, techniques, and procedures will be covered; thus, those listed are just examples and are not limited to only those, as the material is subject to change.

Have you ever wanted to learn about what it takes to be a Penetration Tester? Does taking a hands-on practical exam make you nervous?  We are here to help you get past that.

Over five weeks (every Tuesday from 6-9 PM ET), our hands-on “Live” workshop will provide what it takes to begin your journey as a successful #Pentester. Whether you are a beginner or a seasoned professional, this training will teach you offensive techniques to improve your pentesting skills all while making you a better defender.

Throughout the course, we will address and discuss various penetration testing topics, tools, technologies, and methodologies that are commonly used in the industry. By no means are the course and its objectives all-encompassing. As a participant, it is highly recommended that you perform additional research and self-study to continue and maintain your established knowledge and toolkit.  

The provided content is listed below as a guide for the course and is subject to change. We appreciate your support and hope that you enjoy the training. We look forward to your participation and feedback as well.  

If you have any additional questions outside of the FAQs, please do not hesitate to reach out to info@cover6solutions.com and we will be happy to assist you. 

Course Outline 

This course is tailored to assist with the preparation for all offensive (practical) exams. It also includes the five primary exam objectives for the CompTIA Pentest+ Certification which are: 

  1. Planning and Scoping 
  2. Information Gathering and Vulnerability Identification 
  3. Attacks and Exploits 
  4. Penetration Testing Tools 
  5. Reporting and Communication 

Note: This is NOT an official CompTIA Training but but rather preparation for real scenarios you may encounter in pentesting engagements or on the Pentest+ exam. Various tools, techniques and procedures will be covered thus those listed are just examples and are not limited to only those, as material is subject to change. 

Helpful Videos